Vulnerabilities > Etherpad > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-29 | CVE-2018-9845 | Improper Handling of Case Sensitivity vulnerability in Etherpad Lite Etherpad Lite before 1.6.4 is exploitable for admin access. | 9.8 |
| 2018-04-07 | CVE-2018-9326 | Unspecified vulnerability in Etherpad 1.6.3 Etherpad 1.6.3 before 1.6.4 allows an attacker to execute arbitrary code. | 9.8 |
| 2018-02-08 | CVE-2018-6835 | Improper Input Validation vulnerability in Etherpad node/hooks/express/apicalls.js in Etherpad Lite before v1.6.3 mishandles JSONP, which allows remote attackers to bypass intended access restrictions. | 9.8 |